Skip to content
#

security-audit

Star

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

Here are 592 public repositories matching this topic...

Language: All
Filter by language
All 592 Python 178 Shell 55 JavaScript 35 Go 25 PHP 23 HTML 21 Java 21 Ruby 20 PowerShell 19 TypeScript 17
Sort: Best match
Sort options
Best match Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

CISOfy / lynis

Star 9.3k

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening
  • Updated Jan 25, 2022
  • Shell

future-architect / vuls

Star 8.9k

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

go linux golang freebsd security security-audit administrator cybersecurity security-vulnerability vulnerabilities security-hardening vulnerability-detection vulnerability-management vulnerability-scanners security-scanner vulnerability-assessment vuls security-automation security-tools vulnerability-scanner
  • Updated Jan 24, 2022
  • Go
prowler

prowler-cloud / prowler

Star 4.8k

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

aws security cis security-audit cloud aws-cli assessment forensics compliance hardening security-hardening hipaa cloudtrail hacktoberfest gdpr security-tools devsecops cis-benchmark aws-auditing well-architected
  • Updated Jan 24, 2022
  • Shell

charles2gan / GDA-android-reversing-Tool

Star 2.4k

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.

security-audit decompiler malware-analysis mobile-security vulnerability-scanners privacy-protection
  • Updated Dec 29, 2021
  • Java

codingo / Reconnoitre

Star 1.8k

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

security security-audit scanner snmp hacking range enumeration nmap penetration-testing scanning kali-linux offensive-security virtual-hosts hacking-tool security-scanner security-tools oscp service-enumeration services-discovered discover-services
  • Updated Jul 6, 2020
  • Python
find-sec-bugs

find-sec-bugs / find-sec-bugs

Star 1.8k
Open

Detect usage of Apache BeanUtils as dangerous

1
h3xstream
h3xstream commented Oct 5, 2020

Description

BeanUtils is a library that is doing automatic mapping to Java object.
It can cause arm when the attack controls part of the list of properties being sets. BeanUtils does not blacklist properties like class, classloader or other objects that are likely to load arbitrary classes and possibly run code.

Code

import org.apache.commons.beanutils.BeanUtils;

public
Read more
hacktoberfest good first issue
Find more good first issues
Wikipedia
Wikipedia